summaryrefslogtreecommitdiff
path: root/server/providers/ldap
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2009-08-24 15:17:37 +0200
committerSimo Sorce <ssorce@redhat.com>2009-08-24 11:03:22 -0400
commitce0111fe4f1c5ea09a23c2be43fc1fcc1cdbdac8 (patch)
treedcea6a6071220dda84ee0e6abc6479780c9ce41d /server/providers/ldap
parent7bc48f82f587b148b821e34f57c1414e82a18276 (diff)
downloadsssd-ce0111fe4f1c5ea09a23c2be43fc1fcc1cdbdac8.tar.gz
sssd-ce0111fe4f1c5ea09a23c2be43fc1fcc1cdbdac8.tar.bz2
sssd-ce0111fe4f1c5ea09a23c2be43fc1fcc1cdbdac8.zip
some UPN handling fixes
- making the realm part upper case is now optional and done in the LDAP backend - using a username@realm UPN is now optional
Diffstat (limited to 'server/providers/ldap')
-rw-r--r--server/providers/ldap/sdap.c8
-rw-r--r--server/providers/ldap/sdap.h4
-rw-r--r--server/providers/ldap/sdap_async.c30
3 files changed, 37 insertions, 5 deletions
diff --git a/server/providers/ldap/sdap.c b/server/providers/ldap/sdap.c
index 0b16db43..312a3674 100644
--- a/server/providers/ldap/sdap.c
+++ b/server/providers/ldap/sdap.c
@@ -40,7 +40,8 @@ struct sdap_gen_opts default_basic_opts[] = {
{ "groupSearchScope", "sub", NULL },
{ "groupSearchFilter", NULL, NULL },
{ "ldapSchema", "rfc2307", NULL },
- { "offline_timeout", "5", NULL }
+ { "offline_timeout", "5", NULL },
+ { "force_upper_case_realm", "0", NULL }
};
struct sdap_id_map default_user_map[] = {
@@ -137,6 +138,11 @@ int sdap_get_options(TALLOC_CTX *memctx,
&opts->offline_timeout);
if (ret != EOK) goto done;
+ ret = confdb_get_bool(cdb, opts, conf_path,
+ "force_upper_case_realm", false,
+ &opts->force_upper_case_realm);
+ if (ret != EOK) goto done;
+
/* schema type */
if (strcasecmp(opts->basic[SDAP_SCHEMA].value, "rfc2307") == 0) {
opts->schema_type = SDAP_SCHEMA_RFC2307;
diff --git a/server/providers/ldap/sdap.h b/server/providers/ldap/sdap.h
index 5afbcfc0..50fc3d10 100644
--- a/server/providers/ldap/sdap.h
+++ b/server/providers/ldap/sdap.h
@@ -84,8 +84,9 @@ enum sdap_result {
#define SDAP_GROUP_SEARCH_FILTER 12
#define SDAP_SCHEMA 13
#define SDAP_OFFLINE_TIMEOUT 14
+#define SDAP_FORCE_UPPER_CASE_REALM 15
-#define SDAP_OPTS_BASIC 15 /* opts counter */
+#define SDAP_OPTS_BASIC 16 /* opts counter */
/* the objectclass must be the first attribute.
* Functions depend on this */
@@ -139,6 +140,7 @@ struct sdap_options {
int network_timeout;
int opt_timeout;
int offline_timeout;
+ bool force_upper_case_realm;
/* supported schema types */
enum schema_type {
diff --git a/server/providers/ldap/sdap_async.c b/server/providers/ldap/sdap_async.c
index 7c6cd2c2..85559178 100644
--- a/server/providers/ldap/sdap_async.c
+++ b/server/providers/ldap/sdap_async.c
@@ -18,11 +18,31 @@
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
+#include <ctype.h>
#include "db/sysdb.h"
#include "providers/ldap/sdap_async.h"
#include "util/util.h"
+#define REALM_SEPARATOR '@'
+
+static void make_realm_upper_case(const char *upn)
+{
+ char *c;
+
+ c = strchr(upn, REALM_SEPARATOR);
+ if (c == NULL) {
+ DEBUG(9, ("No realm delimiter found in upn [%s].\n", upn));
+ return;
+ }
+
+ while(*(++c) != '\0') {
+ c[0] = toupper(*c);
+ }
+
+ return;
+}
+
/* ==LDAP-Memory-Handling================================================= */
static int lmsg_destructor(void *mem)
@@ -841,6 +861,7 @@ static struct tevent_req *sdap_save_user_send(TALLOC_CTX *memctx,
uid_t uid;
gid_t gid;
struct sysdb_attrs *user_attrs;
+ char *upn = NULL;
req = tevent_req_create(memctx, &state, struct sdap_save_user_state);
if (!req) return NULL;
@@ -952,10 +973,13 @@ static struct tevent_req *sdap_save_user_send(TALLOC_CTX *memctx,
if (el->num_values == 0) {
DEBUG(7, ("User principle is not available for user [%s].\n", name));
} else {
+ upn = talloc_strdup(user_attrs, (const char*) el->values[0].data);
+ if (opts->force_upper_case_realm) {
+ make_realm_upper_case(upn);
+ }
DEBUG(7, ("Adding user principle [%s] to attributes of user [%s].\n",
- el->values[0].data, name));
- ret = sysdb_attrs_add_string(user_attrs, SYSDB_UPN,
- (const char *) el->values[0].data);
+ upn, name));
+ ret = sysdb_attrs_add_string(user_attrs, SYSDB_UPN, upn);
if (ret) {
goto fail;
}